iptables: -p all AND --dport xx (is it possible)
Rick Stevens
rstevens at vitalstream.com
Tue Apr 26 00:36:31 UTC 2005
Alan :) wrote:
> The following rule can't be applied
>
> iptables -A INPUT -p all --dport 80 -j DROP
>
> the above fails stating that --dport is not recognized.
>
> I'm trying to drop all traffic to port 80. If I provide a specific protocol it works. For example: iptables -A INPUT -p tcp --dport 80 -j DROP
>
> any ideas?
Not all protocols support ports (icmp, for example), so the statement is
somewhat nonsensical. Try specifying "-p tcp" and "-p udp" in two
rules.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Always remember you're unique, just like everyone else. -
----------------------------------------------------------------------
More information about the users
mailing list